EvanMcBroom

Encrypting Strings at Compile Time

Thank you to SpecterOps for supporting this research and to Duane and Matt for proofreading and editing! Crossposted on the SpecterOps Blog.

TLDR: You may use this header file for reliable compile time string encryption without needing any additional dependencies.

Programmers of DRM software, security products, or other sensitive code bases are commonly required to minimize the amount of human readable strings in binary output files. The goal of the minimization is to hinder others from reverse engineering their proprietary technology.

Common approaches that are taken to meet this requirement often add an additional maintenance burden to the developer and are prone to error. These approaches will be presented along with t

mattmazzola

function createToken(payload, key) {
  var header = { typ: 'JWT', alg: 'HS256' };
  
  var segments = [];
  segments.push(encodeURIComponent(btoa(JSON.stringify(header))));
  segments.push(encodeURIComponent(btoa(JSON.stringify(payload))));
  
  var footer = sign(segments.join('.'), key);